Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiQGa3nNqe4GaGXir8l1DIKILQQ.roa
File: HiQGa3nNqe4GaGXir8l1DIKILQQ.roa (raw, json)
Hash identifier: dhfqw1PyAbn5q1E4o+08+juMAZKPy4XfU5IzLA4+z88=
Subject key identifier: 1E:24:06:6B:79:CD:A9:EE:06:68:65:E2:AF:C9:75:0C:82:88:2D:04
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFEA95A6FCD3B90323E0D3804FC50A242
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiQGa3nNqe4GaGXir8l1DIKILQQ.roa
Signing time: Fri 12 Jan 2024 17:12:40 +0000
ROA not before: Fri 12 Jan 2024 17:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:a9:5a:6f:cd:3b:90:32:3e:0d:38:04:fc:50:a2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 17:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e24066b79cda9ee066865e2afc9750c82882d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:37:aa:a3:ac:ea:d9:91:14:41:f7:6c:8a:88:
a5:de:b8:ac:8e:a8:8d:1f:71:03:e9:f4:a9:07:2b:
cb:87:f1:98:94:79:6b:2a:0a:67:eb:ae:e1:de:cd:
f6:03:b0:dc:06:c0:e7:bb:14:fd:42:d1:b1:0f:25:
f1:d9:31:59:96:c9:f4:ee:58:af:fd:25:4e:3d:f5:
84:72:ef:37:e7:f6:e3:fd:be:25:1e:b9:0c:80:58:
f0:30:70:a2:51:2b:cf:7f:78:b2:53:62:5c:f7:1a:
1e:14:61:28:08:1d:f3:e0:ad:7f:e0:4b:e0:e3:45:
aa:fa:80:a4:11:75:f1:5e:0f:20:a3:d1:92:aa:43:
08:9b:ee:eb:66:07:8e:0d:0a:80:b5:a0:92:e6:46:
2a:f9:21:44:ca:f5:53:69:19:74:f5:86:18:92:4e:
ba:0c:d9:34:d9:e6:7c:cb:5b:4d:b9:bf:85:76:cc:
e4:82:23:13:c6:ba:fa:fa:99:69:b6:01:6a:5b:8e:
b5:da:22:d3:3a:7e:bf:1e:33:da:21:dc:80:46:43:
67:d1:1e:cc:3a:1f:51:3d:9f:36:71:3a:33:55:6c:
3d:27:49:b8:e4:01:c0:70:4e:d4:d7:c7:91:cc:9b:
d7:26:be:45:e5:dd:25:49:e3:97:fb:66:6f:76:15:
4b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:24:06:6B:79:CD:A9:EE:06:68:65:E2:AF:C9:75:0C:82:88:2D:04
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiQGa3nNqe4GaGXir8l1DIKILQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:04:7a:87:4c:15:80:f8:f5:30:50:3e:f5:aa:cb:00:5f:e2:
d0:87:4c:3b:cb:e2:25:a9:19:24:ba:06:55:e1:db:02:06:ce:
9a:8a:db:d7:25:78:44:7a:88:c8:bd:ab:0a:44:8a:a3:52:64:
47:e9:ff:ba:47:cd:34:2c:39:53:32:1c:08:4e:5f:fa:cc:75:
3e:44:58:ae:80:16:2e:92:96:1d:30:89:03:a2:21:7a:e9:ff:
9f:37:21:e9:82:3e:97:42:18:c8:e4:dd:d6:85:a7:2e:36:38:
ec:dd:ff:5d:28:e6:88:ca:1e:70:1c:de:50:9a:0e:87:3c:23:
76:e0:d8:cd:45:de:ee:0c:a9:37:c4:36:20:4e:eb:d3:fe:29:
4a:30:52:16:af:40:cc:5b:49:38:16:41:5d:86:d8:69:66:12:
6d:27:c7:92:29:00:03:9a:7e:fc:79:7b:e2:4d:8b:6a:d9:9f:
9a:be:2a:b0:1e:c0:c7:ae:39:35:b3:0d:43:dd:c2:3f:64:d8:
bf:ca:9f:f1:d0:c6:31:22:ef:c6:6b:c2:05:75:26:7f:96:cc:
70:65:10:ab:ba:86:d7:c8:ae:67:61:46:ee:28:f6:de:8b:24:
fe:9b:e8:86:4a:f2:45:dc:90:69:7d:0e:ba:b3:dd:37:28:14:
54:2d:b1:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz+qVpvzTuQMj4NOAT8UKJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMTcxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI0MDY2Yjc5Y2RhOWVlMDY2ODY1ZTJhZmM5NzUwYzgyODgyZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjeqo6zq2ZEUQfdsioil3risjqiN
H3ED6fSpByvLh/GYlHlrKgpn667h3s32A7DcBsDnuxT9QtGxDyXx2TFZlsn07liv
/SVOPfWEcu835/bj/b4lHrkMgFjwMHCiUSvPf3iyU2Jc9xoeFGEoCB3z4K1/4Evg
40Wq+oCkEXXxXg8go9GSqkMIm+7rZgeODQqAtaCS5kYq+SFEyvVTaRl09YYYkk66
DNk02eZ8y1tNub+FdszkgiMTxrr6+plptgFqW4612iLTOn6/HjPaIdyARkNn0R7M
Oh9RPZ82cTozVWw9J0m45AHAcE7U18eRzJvXJr5F5d0lSeOX+2ZvdhVLfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4kBmt5zanuBmhl4q/JdQyCiC0EMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGlRR2Ezbk5xZTRHYUdYaXI4bDFESUtJTFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsEeodMFYD49TBQPvWq
ywBf4tCHTDvL4iWpGSS6BlXh2wIGzpqK29cleER6iMi9qwpEiqNSZEfp/7pHzTQs
OVMyHAhOX/rMdT5EWK6AFi6Slh0wiQOiIXrp/583IemCPpdCGMjk3daFpy42OOzd
/10o5ojKHnAc3lCaDoc8I3bg2M1F3u4MqTfENiBO69P+KUowUhavQMxbSTgWQV2G
2GlmEm0nx5IpAAOafvx5e+JNi2rZn5q+KrAewMeuOTWzDUPdwj9k2L/Kn/HQxjEi
78ZrwgV1Jn+WzHBlEKu6htfIrmdhRu4o9t6LJP6b6IZK8kXckGl9Drqz3TcoFFQt
sXg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:05:33 2025 by rpki-client